gitlab-com-seaweedfs/seaweedfs
1
0
Fork 0
mirror of https://github.com/seaweedfs/seaweedfs.git synced 2024-01-19 02:48:24 +00:00
Code Issues Projects Releases Wiki Activity

Updated FAQ (markdown)

Chris Lu 2020-03-24 18:55:56 -07:00
parent 7c49bba3f1
commit 18402076e3
1 changed files with 7 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
FAQ.md

@ -20,15 +20,17 @@ Yes.
### My data is safe? What about bit-rot protection? Is there any encryption?
Your data is safe! SeaweedFS data is all append-only and create less stress to the disks, especially SSDs with a limited number of write cycles. SeaweedFS can maximumly reduce writes to the same SSD cell, thus increase its lifespan.
* **SSD friendly**: SeaweedFS data is all append-only and create less stress to the disks, especially SSDs with a limited number of write cycles. SeaweedFS can maximumly reduce writes to the same SSD cell, thus increase its lifespan.
Entries on volume servers are CRC checked for any possible changes on server side and accessible via Etag. For Filer and S3 APIs, the files are also checked via MD5 Etag.
* **Bitrot Protection**:Entries on volume servers are CRC checked for any possible changes on server side and accessible via Etag. For Filer and S3 APIs, the files are also checked via MD5 Etag.
Filer can run in AES256 encryption mode, with the encryption keys stored in filer meta data store. So the volume server can safely run anywhere, remote or on cloud. See [[Filer Data Encryption]]
* **Replication**: Each file can have its own replication strategy. Erasure encoding not only saves space, but also can tolerate loss of 4 shards of data.
Between all the components, i.e., master, volume server, filer, and clients, SSL/TLS can be enabled for all the communications. JWT can be enabled to securely allow any client to upload data to volume servers. See [[Security Overview]]
* **Encryption**: Filer can run in AES256 encryption mode, with the encryption keys stored in filer meta data store. So the volume server can safely run anywhere, remote or on cloud. See [[Filer Data Encryption]]
For [[Amazon S3 API]], the credentials can be checked and access control can be enforced.
* **Secure Connection**: Between all the components, i.e., master, volume server, filer, and clients, SSL/TLS can be enabled for all the communications. JWT can be enabled to securely allow any client to upload data to volume servers. See [[Security Overview]]
* **Access Control**: For [[Amazon S3 API]], the credentials can be checked and access control can be enforced.
### How is it optimized for small files? How small is small files?